Massachusetts Veterans Jobs

MassHire JobQuest Logo

Job Information

UKG (Ultimate Kronos Group) Senior PAM Security Engineer in Lowell, Massachusetts

Senior PAM Security Engineer

General Information

Ref #:


Travel Amount Required:

Up to 25%

Job Type:

Regular-Full Time


Alpharetta - Georgia - United States, Atlanta - Georgia - United States, Lowell - Massachusetts - United States, Weston - Florida - United States

Company Overview

Here at UKG, our purpose is people™. Our HR, payroll, and workforce management solutions help organizations unlock happier outcomes for all. And our U Krewers, who build those solutions and support our business, are talented, collaborative, and innovative problem-solvers. We strive to create a culture of belonging and an employee experience that empowers our people – both at work and at home. Our benefits show that we care about the whole you, from adoption and surrogacy assistance to tuition reimbursement and wellness programs. Our employee resource groups provide a welcoming place to land, learn, and connect with those who share your passions and interests. What are you waiting for? Learn more at #WeAreUKG

Description & Qualifications


About the Team:

We are seeking a highly skilled and motivated Sr. IAM Security Engineer who has experience in Identity Access Management (IAM) technologies; Identity Governance & Administration (IGA), Privilege Access Management (PAM) and related Identity technologies to join our dynamic and growing team. The security engineering team plays a critical role in supporting the continuous Security Lifecyle. This team promotes and challenge teams within and outside of Security.

About the Role:

The successful candidate will play a key role in designing, implementing, maintaining, and documenting robust PAM program to ensure the security and integrity of our organization's information assets. This includes managing security tools and tasks such as installing, configuring, and updating hardware and software; working on automation workflows, integration with application and tools, establishing and managing accounts; overseeing or conducting disaster recovery testing; implementing operational and technical security controls; and adhering to organizational security policies, standards, and procedures.

Primary/Essential Duties and Key Responsibilities:

• Design, implement, and manage PAM solutions to meet organizational security requirements.

• Privileged Access Management: Develop and enforce access control policies to restrict unauthorized access based on zero standing privileges. Implement and manage Privileged Access Management (PAM) solutions to safeguard sensitive systems and data with the understanding of Just-in-time provisioning (JIT). Implement and maintain Secrets Management

• Authentication and Authorization: Continuously evaluate, implement, and maintain multi-factor authentication mechanisms to enhance user authentication and experience. Design and enforce role-based access control (RBAC) policies.

•Integrate PAM solutions with other security tools and systems to provide a seamless and comprehensive security posture. Collaborate with application and system owners to integrate PAM controls into their environments.

•Participate in incident response activities related to PAM security incidents. Setup Identity risk related detections and alerts

• Operation and Documentation: Ensure all systems operations and maintenance activities are properly documented and updated. Process Service Request and troubleshoot incidents. Recommend, create, and maintain security configuration baselines to be used to harden systems. Automate manual tasks for improved efficiencies. Assist in developing requirements and driving deliverables.


About you:

Basic Qualifications:

• Minimum of 3-5 years of experience in as Identity or Security Engineering role working with IAM technologies; Identity Governance and Administration (IGA), Single Sign-On (SSO), and Privileged Access Management (PAM).

• Strong knowledge and understanding of both SSO, MFA, APIs, Federations, networking, authentication, and authorization concepts

• Hands-on experience with Enterprise IAM, IGA, and PAM technologies, protocol, and standards in a Hybrid Cloud environment

• Strong understanding of Identity systems

• Knowledge of security frameworks including NIST, ISO, CIS, OWASP 10, etc

• Understanding of SSL/TLS certificates and implementation (Private and public key infrastructure)

Preferred Qualifications:

• Bachelor or master’s in information systems, Information Security, Computer Science, or related fields

• Industry recognized Security certification such as CSSP, CISSP, CISM, or relevant IAM vendor certifications are a plus.

• Understand what Zero Trust Network and how it plays a role with privilege access management

• Able to read scripting languages (e.g., Python, PowerShell) for automation


EEO Statement

Equal Opportunity Employer

Ultimate Kronos Group is proud to be an equal opportunity employer and is committed to maintaining a diverse and inclusive work environment. All qualified applicants will receive considerations for employment without regard to race, color, religion, sex, age, disability, marital status, familial status, sexual orientation, pregnancy, genetic information, gender identity, gender expression, national origin, ancestry, citizenship status, veteran status, and any other legally protected status under federal, state, or local anti-discrimination laws.

View The EEO Know Your Rights poster ( and its supplement .

View the Pay Transparency Nondiscrimination Provision (

UKG participates in E-Verify. View the E-Verify posters here ( .

Disability Accommodation

For individuals with disabilities that need additional assistance at any point in the application and interview process, please email